这中间密码验证重复出现了3次,我本来想用function解决,但是用function的话里面的$row数组还得要重新查询。主要我担心的时后期维护的时候3段代码都要修改,这样比较麻烦,有没有什么好的办法可以只要修改一个地方可以同时修改3个地方用function实现,或者其他功能调用验证密码那个环节。
1
502<?php
$action = $_GET['action'];
session_start();
require_once('db_config_loverun.php');
require_once('functions.php');
if ($action == 'login') { //登录
$username = stripslashes(trim($_POST['username']));
$password = stripslashes(trim($_POST['password']));
$salt = 'shengtian';
$md5pass = md5($password.$salt);
$sql = "select Nickname, Password, LoginTimes, LastTime, LastIP, err, errTime from members where name=?";
//绑定变量并预处理
$result = $db->prepare($sql);
$result->bind_param("s", $username);
$result->execute();
//输出结果
$row = array();
$result->bind_result($row['Nickname'],$row['Password'],$row['LoginTimes'],$row['LastTime'],$row['LastIP'],$row['err'],$row['errTime']);
$result->fetch(); //获取数据
$result->close(); //释放资源占用
if($row['Nickname']!="") { //判断用户是否存在
if ($row['err']>5 and $row['err'] <20) {//判断错误次数
$errTime = floor((time()-strtotime($row['errTime']))/60);
if($errTime>60) {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
} else {
$res['success'] = 3; //1小时内禁止登录。
}
} elseif($row['err']>=20) {
$errTime = floor((time()-strtotime($row['errTime']))/60);
if($errTime>1440) {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
} else {
$res['success'] = 4; //24小时内禁止登录。
}
} else {
//验证密码程序
if ($md5pass == $row['Password']) {
$counts = $row['LoginTimes'] + 1;
$_SESSION['user'] = $row['Nickname'];
$_SESSION['LastTime'] = $row['LastTime'];
$ip = get_client_ip();
$LastTime = date('Y-m-d H:i:s',time());
$result = $db->query("update members set LastTime='$LastTime', LastIP='$ip', LoginTimes='$counts', err=0 where name='$username'");
if ($result) {
$res['success'] = 1; //帐号密码正确
$res['user'] = $_SESSION['user'];
$res['LastTime'] = $_SESSION['LastTime'];
} else {
$res['success'] = 0; //密码错误
}
} else {
$res['success'] = 0; //密码错误
$errCounts = $row['err'] + 1;
$errT = date('Y-m-d H:i:s',time());
$result = $db->query("update members set err='$errCounts', errTime='$errT' where name='$username'");
}
}
} else {
$res['success'] = 2; //用户不存在
}
echo json_encode($res);
} elseif ($action == 'logout') { //退出
unset($_SESSION);
session_destroy();
} else {
header("location: ./");
exit;
}
?>
赞 +0
Copyright 2014-2025 https://www.php.cn/ All Rights Reserved | php.cn | 湘ICP备2023035733号
收藏
拥有18年软件开发和IT教学经验。曾任多家上市公司技术总监、架构师、项目经理、高级软件工程师等职务。 网络人气名人讲师,...